Este fórum ficará ativo até 15/Jun/2019. LEIA AQUI.

Ir para conteúdo
  • Cadastre-se

Claudio V.

Participante
  • Postagens

    14
  • Desde

  • Última visita

Perfil

  • País
    Brasil
  • Estado
    Rio Grande do Sul
  • Sexo
    masculino
  • Escolaridade
    Superior completo
  • Área Profissional
    Engenharia
  • Nível Profissional
    Autônomo
  • Nível de conhecimento de Windows
    Avançado
  • Nível de conhecimento de Segurança Digital
    Básico
  • Sistema operacional que vc utiliza no dia-a-dia
    Windows 10
  1. Boa tarde amigo, consegui restaurar o arquivo hosts, ainda não tive resposta para restaurar de fábrica, assim podemos dar prosseguimento aqui? Obrigado
  2. Pessoal espero que me ajudem, Algumas semanas atrás entrou em vírus no meu notebook que fez um estrago, na área de remoção de vírus consegui com a ajuda do fórum limpar quase tudo, mas decidi fazer uma restauração de fábrica da Samsung para não perder os apps de atualização de drivers, etc O que acontece é quando o notebook reinicia para começar a restauração aparece a seguinte imagem: Could not find Recovery Admin Tool binaries e depois de fechar essa janela aparece outra que não tem memória suficiente para a operação. Como faço para conseguir atualizar pelo app da Samsung ou dando boot pelo F4? Obrigado
  3. Tentei fazer a restauração de fábrica pleo app da samsung para não perder os apps de atualização de driver, etc e apareceu a seguinte mensagem: Could not find Recovery Admin Tool binaries Alguma dica para rodar essa restauração ou o melhor seria abrir outro post em outra área do forum? Obrigado
  4. Bom dia, Mais alguma alternativa antes de decidir fazer a restauração de fábrica?
  5. Não apareceu nada no log Estou pensando seriamente em fazer uma restauração de fábrica, gostaria de sua opinião. Obrigado
  6. Não encontro "MAKE WRITEABLE" só encontro "Make ReadOnly?"
  7. apareceu o seguinte erro: ERROR: Cannot create file C:\Windows\system32\DRIVERS\ETC\hosts
  8. Desculpe a demora para responder, O arquivo Hosts apesentou mesmo comportamento no scan do HighjackThis, isso é normal? e o Windows Defender continua com a proteção em tempo real desabilitada Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 02/05/2019 Hora da análise: 08:33 Arquivo de registro: 1fbb1bd4-6cce-11e9-b6ac-988389c6be6f.json -Informação do software- Versão: 3.7.1.2839 Versão de componentes: 1.0.586 Versão do pacote de definições: 1.0.10430 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 10 (Build 17763.437) CPU: x64 Sistema de arquivos: NTFS Usuário: LAPTOP-Q1B9N1T3\claudio -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 296895 Ameaças detectadas: 0 Ameaças em quarentena: 0 Tempo decorrido: 2 min, 13 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 0 (Nenhum item malicioso detectado) Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:39:14, on 02/05/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17763.0001) Boot mode: Normal Running processes: C:\Program Files\Samsung\sService\sServiceKeyMonitor.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.4.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe C:\Program Files (x86)\Samsung\SamsungPCCleaner\SamsungPCCleanerService.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\claudio\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "D:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:F9D13DBB-79BD-47aa-B72D-AABBBD3EFFDC (User 'SISTEMA') O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #1] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:93E5C3D7-CC85-4c5a-BAFE-6BD4A16A34F6 (User 'SISTEMA') O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #2] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:55FBF596-6A0C-4118-80B0-9D0910BCD098 (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:F9D13DBB-79BD-47aa-B72D-AABBBD3EFFDC (User 'Default user') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Unknown owner - C:\Windows\System32\drivers\AdminService.exe (file missing) O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: ClientAnalyticsService - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\IntelCpHeciSvc.exe O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\IntelCpHDCPSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: SpyHunter 5 Kernel (EsgShKernel) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe O23 - Service: @oem36.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\Windows\System32\Intel\DPTF\esif_uf.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\igfxCUIService.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing) O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Service Controller (mfemms) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: McAfee PEF Service (PEFService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Settings Expansion Launcher - Unknown owner - C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe O23 - Service: Samsung Recovery Service (SamsungRecoveryService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\Recovery\BulletService.exe O23 - Service: SamsungSecurity Launcher - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe O23 - Service: Samsung Update Service (SamsungUpdateService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\SamsungUpdate\SUService.exe O23 - Service: SecPowerCtrlService - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: SpyHunter 5 Kernel Monitor (ShMonitor) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: sService Agent Launcher - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceAgentLauncherSvc.exe O23 - Service: sServiceLoopBack - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceLoopBackSvc.exe O23 - Service: symsrv service (symsrv) - Unknown owner - C:\Program Files\Windows nt\symsrv.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11973 bytes
  9. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:46:42, on 30/04/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17763.0001) Boot mode: Normal Running processes: C:\Program Files\Samsung\sService\sServiceKeyMonitor.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.4.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe C:\Program Files (x86)\Samsung\SamsungPCCleaner\SamsungPCCleanerService.exe C:\Users\claudio\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "D:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:2FEA0B81-BA9B-4e4d-8ACB-B8D050004DD9 (User 'SISTEMA') O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #1] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:27D44ED1-80C0-4fcf-8BD7-062708D9BB9A (User 'SISTEMA') O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #2] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:55FBF596-6A0C-4118-80B0-9D0910BCD098 (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:2FEA0B81-BA9B-4e4d-8ACB-B8D050004DD9 (User 'Default user') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Unknown owner - C:\Windows\System32\drivers\AdminService.exe (file missing) O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: ClientAnalyticsService - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\IntelCpHeciSvc.exe O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\IntelCpHDCPSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: SpyHunter 5 Kernel (EsgShKernel) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe O23 - Service: @oem36.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\Windows\System32\Intel\DPTF\esif_uf.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\igfxCUIService.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing) O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Service Controller (mfemms) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: McAfee PEF Service (PEFService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Settings Expansion Launcher - Unknown owner - C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe O23 - Service: Samsung Recovery Service (SamsungRecoveryService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\Recovery\BulletService.exe O23 - Service: SamsungSecurity Launcher - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe O23 - Service: Samsung Update Service (SamsungUpdateService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\SamsungUpdate\SUService.exe O23 - Service: SecPowerCtrlService - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: SpyHunter 5 Kernel Monitor (ShMonitor) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: sService Agent Launcher - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceAgentLauncherSvc.exe O23 - Service: sServiceLoopBack - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceLoopBackSvc.exe O23 - Service: symsrv service (symsrv) - Unknown owner - C:\Program Files\Windows nt\symsrv.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11789 bytes ~ ZHPCleaner v2019.4.29.56 by Nicolas Coolman (2019/04/29) ~ Run by claudio (Administrator) (30/04/2019 17:54:20) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version KO ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\claudio\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\claudio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 17763) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (8) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (1) MOVED file: C:\Users\claudio\AppData\Local\Temp\aria-debug-7844.log =>.SUP.Temporary.OneDrive ---\\ Registry ( Key, Value, Data) (2) DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a7b6f9eb-11b6-40c0-bab1-f60aaaa9e42e}\\DhcpNameServer [Bad : 179.233.224.31 179.233.224.36] =>Hijacker.Browser DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 179.233.224.31 179.233.224.36] =>Hijacker.Browser ---\\ Summary of the elements found (2) https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser ---\\ Other deletions. (8) ~ Registry Keys Tracing deleted (8) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 477 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 1806 ~ End of clean in 00h00mn07s ---\\ Reports (6) ZHPCleaner-[R]-30042019-13_41_58.txt ZHPCleaner-[R]-30042019-17_21_25.txt ZHPCleaner--30042019-13_37_10.txt ZHPCleaner--30042019-17_20_39.txt ZHPCleaner--30042019-17_54_08.txt ZHPCleaner-[R]-30042019-17_54_27.txt
  10. Obrigado pela resposta, mas não pedi para alguém habilitar o office, esse vírus pode ter entrado através de outro? Se conseguir remover esse vírus, posso voltar para ter certeza que foi removido?
  11. ~ ZHPCleaner v2019.4.29.56 by Nicolas Coolman (2019/04/29) ~ Run by claudio (Administrator) (30/04/2019 13:41:35) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\claudio\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\claudio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 17763) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (8) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (26) MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-CD438FB0.pf =>HackTool.KMSpico MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-D9DED63B.pf =>HackTool.KMSpico MOVED file: C:\Windows\Installer\wix{62F029AB-85F2-0000-866A-9FC0DD99DDBC}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{C9552825-7BF2-4344-BA91-D3CD46F4C442}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{CB9926C7-051A-49F0-AC01-33C51342A7DF}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{F814D094-197F-43C8-87FA-3210BB780486}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\ProgramData\RogueKiller\quarantine\A51D1DCFD7DA2F08.vir\Bunifu_UI_v1.5.3.dll [Bunifu Technologies - Bunifu Framework - UI Lib] =>.SUP.Various MOVED file: C:\Users\claudio\AppData\Local\Temp\aria-debug-15452.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\claudio\AppData\Local\Temp\wctEA6A.tmp =>.SUP.Temporary.Office MOVED file: C:\Users\claudio\AppData\Local\Temp\wctF2EE.tmp =>.SUP.Temporary.Office MOVED file: C:\Users\claudio\AppData\Local\Temp\wctFAB6.tmp =>.SUP.Temporary.Office MOVED folder: C:\Users\claudio\AppData\Local\Akamai =>.SUP.AkamaiHD MOVED folder: C:\Users\claudio\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\claudio\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome MOVED folder^: C:\Program Files\Windows nt\symsrv.exe =>Riskware.Agent MOVED folder: C:\Windows\Installer\MSI352A.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI3683.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI3D2A.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI40F6.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI4194.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI42FD.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI5F9A.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI69F1.tmp- =>.SUP.Empty ---\\ Registry ( Key, Value, Data) (6) DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a7b6f9eb-11b6-40c0-bab1-f60aaaa9e42e}\\DhcpNameServer [Bad : 179.233.224.31 179.233.224.36] =>Hijacker.Browser DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 179.233.224.31 179.233.224.36] =>Hijacker.Browser DELETED key*: HKEY_USERS\S-1-5-21-2479708749-3913535991-1293633272-1002\SOFTWARE\Akamai [] =>.SUP.AkamaiHD DELETED key**: HKCU\Software\Akamai [] =>.SUP.AkamaiHD DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.SUP.AkamaiHD DELETED value: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface [0x020000000000000000000000] =>.SUP.AkamaiHD ---\\ Summary of the elements found (9) https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Various https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Office https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Riskware.Agent https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser ---\\ Other deletions. (11) ~ Registry Keys Tracing deleted (11) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ~ The system has been restarted. ---\\ Statistics ~ Items scanned : 477 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 38654 ~ End of clean in 00h00mn23s ---\\ Reports (2) ZHPCleaner--30042019-13_37_10.txt ZHPCleaner-[R]-30042019-13_41_58.txt
  12. Boa tarde, Algum outro link para baixar? Aparece a mensagem 403 Forbidden mesmo com o antivírus desativado. Consegui, já posto o log
  13. Bom dia pessoal, conto com a ajuda de vocês, acredito que algum Malware, vírus ou alguma outra coisa infectou meu notebook, ele está um pouco mais lento e a proteção em tempo real do Defender está desativada e não consigo ativar de novo, no Google Chrome apareceu um Gerenciado pela sua organização na aba Personalizar e Controlar o Google Chrome que não tinha antes, mas não sei se depois da última atualização do Chrome isso é normal... Durante os procedimentos aconteceram algumas coisas, na limpeza do Ccleaner, ele só andou depois de desmarcar o Internet Explorer, pois ficou parado por mais de uma hora e quando desmarquei as opções foi até o fim. No Log do highjackThis apareceu uma janela com a mensagem que por alguma razão o sistema negou o acesso ao arquivo Hosts. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:50:41, on 30/04/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17763.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Program Files\Samsung\sService\sServiceKeyMonitor.exe C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.0.4.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe C:\Program Files (x86)\Samsung\SamsungPCCleaner\SamsungPCCleanerService.exe D:\Bibliotecas\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "D:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:68E26FFF-C74A-482d-87EA-43946CE1C4B0 (User 'SISTEMA') O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #1] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:27D44ED1-80C0-4fcf-8BD7-062708D9BB9A (User 'SISTEMA') O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #2] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:55FBF596-6A0C-4118-80B0-9D0910BCD098 (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:68E26FFF-C74A-482d-87EA-43946CE1C4B0 (User 'Default user') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Unknown owner - C:\Windows\System32\drivers\AdminService.exe (file missing) O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: ClientAnalyticsService - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\IntelCpHeciSvc.exe O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\IntelCpHDCPSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: SpyHunter 5 Kernel (EsgShKernel) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe O23 - Service: @oem36.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\Windows\System32\Intel\DPTF\esif_uf.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d2c8d700ceae61da\igfxCUIService.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing) O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Service Controller (mfemms) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: McAfee PEF Service (PEFService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Settings Expansion Launcher - Unknown owner - C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe O23 - Service: Samsung Recovery Service (SamsungRecoveryService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\Recovery\BulletService.exe O23 - Service: SamsungSecurity Launcher - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe O23 - Service: Samsung Update Service (SamsungUpdateService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\SamsungUpdate\SUService.exe O23 - Service: SecPowerCtrlService - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: SpyHunter 5 Kernel Monitor (ShMonitor) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: sService Agent Launcher - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceAgentLauncherSvc.exe O23 - Service: sServiceLoopBack - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceLoopBackSvc.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11676 bytes
×
×
  • Criar Novo...